crackerjack 0.37.9__py3-none-any.whl → 0.45.2__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- crackerjack/README.md +19 -0
- crackerjack/__init__.py +30 -1
- crackerjack/__main__.py +342 -1263
- crackerjack/adapters/README.md +18 -0
- crackerjack/adapters/__init__.py +27 -5
- crackerjack/adapters/_output_paths.py +167 -0
- crackerjack/adapters/_qa_adapter_base.py +309 -0
- crackerjack/adapters/_tool_adapter_base.py +706 -0
- crackerjack/adapters/ai/README.md +65 -0
- crackerjack/adapters/ai/__init__.py +5 -0
- crackerjack/adapters/ai/claude.py +853 -0
- crackerjack/adapters/complexity/README.md +53 -0
- crackerjack/adapters/complexity/__init__.py +10 -0
- crackerjack/adapters/complexity/complexipy.py +641 -0
- crackerjack/adapters/dependency/__init__.py +22 -0
- crackerjack/adapters/dependency/pip_audit.py +418 -0
- crackerjack/adapters/format/README.md +72 -0
- crackerjack/adapters/format/__init__.py +11 -0
- crackerjack/adapters/format/mdformat.py +313 -0
- crackerjack/adapters/format/ruff.py +516 -0
- crackerjack/adapters/lint/README.md +47 -0
- crackerjack/adapters/lint/__init__.py +11 -0
- crackerjack/adapters/lint/codespell.py +273 -0
- crackerjack/adapters/lsp/README.md +49 -0
- crackerjack/adapters/lsp/__init__.py +27 -0
- crackerjack/adapters/{rust_tool_manager.py → lsp/_manager.py} +3 -3
- crackerjack/adapters/{skylos_adapter.py → lsp/skylos.py} +59 -7
- crackerjack/adapters/{zuban_adapter.py → lsp/zuban.py} +3 -6
- crackerjack/adapters/refactor/README.md +59 -0
- crackerjack/adapters/refactor/__init__.py +12 -0
- crackerjack/adapters/refactor/creosote.py +318 -0
- crackerjack/adapters/refactor/refurb.py +406 -0
- crackerjack/adapters/refactor/skylos.py +494 -0
- crackerjack/adapters/sast/README.md +132 -0
- crackerjack/adapters/sast/__init__.py +32 -0
- crackerjack/adapters/sast/_base.py +201 -0
- crackerjack/adapters/sast/bandit.py +423 -0
- crackerjack/adapters/sast/pyscn.py +405 -0
- crackerjack/adapters/sast/semgrep.py +241 -0
- crackerjack/adapters/security/README.md +111 -0
- crackerjack/adapters/security/__init__.py +17 -0
- crackerjack/adapters/security/gitleaks.py +339 -0
- crackerjack/adapters/type/README.md +52 -0
- crackerjack/adapters/type/__init__.py +12 -0
- crackerjack/adapters/type/pyrefly.py +402 -0
- crackerjack/adapters/type/ty.py +402 -0
- crackerjack/adapters/type/zuban.py +522 -0
- crackerjack/adapters/utility/README.md +51 -0
- crackerjack/adapters/utility/__init__.py +10 -0
- crackerjack/adapters/utility/checks.py +884 -0
- crackerjack/agents/README.md +264 -0
- crackerjack/agents/__init__.py +40 -12
- crackerjack/agents/base.py +1 -0
- crackerjack/agents/claude_code_bridge.py +641 -0
- crackerjack/agents/coordinator.py +49 -53
- crackerjack/agents/dry_agent.py +187 -3
- crackerjack/agents/enhanced_coordinator.py +279 -0
- crackerjack/agents/enhanced_proactive_agent.py +185 -0
- crackerjack/agents/error_middleware.py +53 -0
- crackerjack/agents/formatting_agent.py +6 -8
- crackerjack/agents/helpers/__init__.py +9 -0
- crackerjack/agents/helpers/performance/__init__.py +22 -0
- crackerjack/agents/helpers/performance/performance_ast_analyzer.py +357 -0
- crackerjack/agents/helpers/performance/performance_pattern_detector.py +909 -0
- crackerjack/agents/helpers/performance/performance_recommender.py +572 -0
- crackerjack/agents/helpers/refactoring/__init__.py +22 -0
- crackerjack/agents/helpers/refactoring/code_transformer.py +536 -0
- crackerjack/agents/helpers/refactoring/complexity_analyzer.py +344 -0
- crackerjack/agents/helpers/refactoring/dead_code_detector.py +437 -0
- crackerjack/agents/helpers/test_creation/__init__.py +19 -0
- crackerjack/agents/helpers/test_creation/test_ast_analyzer.py +216 -0
- crackerjack/agents/helpers/test_creation/test_coverage_analyzer.py +643 -0
- crackerjack/agents/helpers/test_creation/test_template_generator.py +1031 -0
- crackerjack/agents/performance_agent.py +121 -1152
- crackerjack/agents/refactoring_agent.py +156 -655
- crackerjack/agents/semantic_agent.py +479 -0
- crackerjack/agents/semantic_helpers.py +356 -0
- crackerjack/agents/test_creation_agent.py +19 -1605
- crackerjack/api.py +5 -7
- crackerjack/cli/README.md +394 -0
- crackerjack/cli/__init__.py +1 -1
- crackerjack/cli/cache_handlers.py +23 -18
- crackerjack/cli/cache_handlers_enhanced.py +1 -4
- crackerjack/cli/facade.py +70 -8
- crackerjack/cli/formatting.py +13 -0
- crackerjack/cli/handlers/__init__.py +85 -0
- crackerjack/cli/handlers/advanced.py +103 -0
- crackerjack/cli/handlers/ai_features.py +62 -0
- crackerjack/cli/handlers/analytics.py +479 -0
- crackerjack/cli/handlers/changelog.py +271 -0
- crackerjack/cli/handlers/config_handlers.py +16 -0
- crackerjack/cli/handlers/coverage.py +84 -0
- crackerjack/cli/handlers/documentation.py +280 -0
- crackerjack/cli/handlers/main_handlers.py +497 -0
- crackerjack/cli/handlers/monitoring.py +371 -0
- crackerjack/cli/handlers.py +249 -49
- crackerjack/cli/interactive.py +8 -5
- crackerjack/cli/options.py +203 -110
- crackerjack/cli/semantic_handlers.py +292 -0
- crackerjack/cli/version.py +19 -0
- crackerjack/code_cleaner.py +60 -24
- crackerjack/config/README.md +472 -0
- crackerjack/config/__init__.py +256 -0
- crackerjack/config/global_lock_config.py +191 -54
- crackerjack/config/hooks.py +188 -16
- crackerjack/config/loader.py +239 -0
- crackerjack/config/settings.py +141 -0
- crackerjack/config/tool_commands.py +331 -0
- crackerjack/core/README.md +393 -0
- crackerjack/core/async_workflow_orchestrator.py +79 -53
- crackerjack/core/autofix_coordinator.py +22 -9
- crackerjack/core/container.py +10 -9
- crackerjack/core/enhanced_container.py +9 -9
- crackerjack/core/performance.py +1 -1
- crackerjack/core/performance_monitor.py +5 -3
- crackerjack/core/phase_coordinator.py +1018 -634
- crackerjack/core/proactive_workflow.py +3 -3
- crackerjack/core/retry.py +275 -0
- crackerjack/core/service_watchdog.py +167 -23
- crackerjack/core/session_coordinator.py +187 -382
- crackerjack/core/timeout_manager.py +161 -44
- crackerjack/core/workflow/__init__.py +21 -0
- crackerjack/core/workflow/workflow_ai_coordinator.py +863 -0
- crackerjack/core/workflow/workflow_event_orchestrator.py +1107 -0
- crackerjack/core/workflow/workflow_issue_parser.py +714 -0
- crackerjack/core/workflow/workflow_phase_executor.py +1158 -0
- crackerjack/core/workflow/workflow_security_gates.py +400 -0
- crackerjack/core/workflow_orchestrator.py +1247 -953
- crackerjack/data/README.md +11 -0
- crackerjack/data/__init__.py +8 -0
- crackerjack/data/models.py +79 -0
- crackerjack/data/repository.py +210 -0
- crackerjack/decorators/README.md +180 -0
- crackerjack/decorators/__init__.py +35 -0
- crackerjack/decorators/error_handling.py +649 -0
- crackerjack/decorators/error_handling_decorators.py +334 -0
- crackerjack/decorators/helpers.py +58 -0
- crackerjack/decorators/patterns.py +281 -0
- crackerjack/decorators/utils.py +58 -0
- crackerjack/docs/README.md +11 -0
- crackerjack/docs/generated/api/CLI_REFERENCE.md +1 -1
- crackerjack/documentation/README.md +11 -0
- crackerjack/documentation/ai_templates.py +1 -1
- crackerjack/documentation/dual_output_generator.py +11 -9
- crackerjack/documentation/reference_generator.py +104 -59
- crackerjack/dynamic_config.py +52 -61
- crackerjack/errors.py +1 -1
- crackerjack/events/README.md +11 -0
- crackerjack/events/__init__.py +16 -0
- crackerjack/events/telemetry.py +175 -0
- crackerjack/events/workflow_bus.py +346 -0
- crackerjack/exceptions/README.md +301 -0
- crackerjack/exceptions/__init__.py +5 -0
- crackerjack/exceptions/config.py +4 -0
- crackerjack/exceptions/tool_execution_error.py +245 -0
- crackerjack/executors/README.md +591 -0
- crackerjack/executors/__init__.py +2 -0
- crackerjack/executors/async_hook_executor.py +539 -77
- crackerjack/executors/cached_hook_executor.py +3 -3
- crackerjack/executors/hook_executor.py +967 -102
- crackerjack/executors/hook_lock_manager.py +31 -22
- crackerjack/executors/individual_hook_executor.py +66 -32
- crackerjack/executors/lsp_aware_hook_executor.py +136 -57
- crackerjack/executors/progress_hook_executor.py +282 -0
- crackerjack/executors/tool_proxy.py +23 -7
- crackerjack/hooks/README.md +485 -0
- crackerjack/hooks/lsp_hook.py +8 -9
- crackerjack/intelligence/README.md +557 -0
- crackerjack/interactive.py +37 -10
- crackerjack/managers/README.md +369 -0
- crackerjack/managers/async_hook_manager.py +41 -57
- crackerjack/managers/hook_manager.py +449 -79
- crackerjack/managers/publish_manager.py +81 -36
- crackerjack/managers/test_command_builder.py +290 -12
- crackerjack/managers/test_executor.py +93 -8
- crackerjack/managers/test_manager.py +1082 -75
- crackerjack/managers/test_progress.py +118 -26
- crackerjack/mcp/README.md +374 -0
- crackerjack/mcp/cache.py +25 -2
- crackerjack/mcp/client_runner.py +35 -18
- crackerjack/mcp/context.py +9 -9
- crackerjack/mcp/dashboard.py +24 -8
- crackerjack/mcp/enhanced_progress_monitor.py +34 -23
- crackerjack/mcp/file_monitor.py +27 -6
- crackerjack/mcp/progress_components.py +45 -34
- crackerjack/mcp/progress_monitor.py +6 -9
- crackerjack/mcp/rate_limiter.py +11 -7
- crackerjack/mcp/server.py +2 -0
- crackerjack/mcp/server_core.py +187 -55
- crackerjack/mcp/service_watchdog.py +12 -9
- crackerjack/mcp/task_manager.py +2 -2
- crackerjack/mcp/tools/README.md +27 -0
- crackerjack/mcp/tools/__init__.py +2 -0
- crackerjack/mcp/tools/core_tools.py +75 -52
- crackerjack/mcp/tools/execution_tools.py +87 -31
- crackerjack/mcp/tools/intelligence_tools.py +2 -2
- crackerjack/mcp/tools/proactive_tools.py +1 -1
- crackerjack/mcp/tools/semantic_tools.py +584 -0
- crackerjack/mcp/tools/utility_tools.py +180 -132
- crackerjack/mcp/tools/workflow_executor.py +87 -46
- crackerjack/mcp/websocket/README.md +31 -0
- crackerjack/mcp/websocket/app.py +11 -1
- crackerjack/mcp/websocket/event_bridge.py +188 -0
- crackerjack/mcp/websocket/jobs.py +27 -4
- crackerjack/mcp/websocket/monitoring/__init__.py +25 -0
- crackerjack/mcp/websocket/monitoring/api/__init__.py +19 -0
- crackerjack/mcp/websocket/monitoring/api/dependencies.py +141 -0
- crackerjack/mcp/websocket/monitoring/api/heatmap.py +154 -0
- crackerjack/mcp/websocket/monitoring/api/intelligence.py +199 -0
- crackerjack/mcp/websocket/monitoring/api/metrics.py +203 -0
- crackerjack/mcp/websocket/monitoring/api/telemetry.py +101 -0
- crackerjack/mcp/websocket/monitoring/dashboard.py +18 -0
- crackerjack/mcp/websocket/monitoring/factory.py +109 -0
- crackerjack/mcp/websocket/monitoring/filters.py +10 -0
- crackerjack/mcp/websocket/monitoring/metrics.py +64 -0
- crackerjack/mcp/websocket/monitoring/models.py +90 -0
- crackerjack/mcp/websocket/monitoring/utils.py +171 -0
- crackerjack/mcp/websocket/monitoring/websocket_manager.py +78 -0
- crackerjack/mcp/websocket/monitoring/websockets/__init__.py +17 -0
- crackerjack/mcp/websocket/monitoring/websockets/dependencies.py +126 -0
- crackerjack/mcp/websocket/monitoring/websockets/heatmap.py +176 -0
- crackerjack/mcp/websocket/monitoring/websockets/intelligence.py +291 -0
- crackerjack/mcp/websocket/monitoring/websockets/metrics.py +291 -0
- crackerjack/mcp/websocket/monitoring_endpoints.py +16 -2930
- crackerjack/mcp/websocket/server.py +1 -3
- crackerjack/mcp/websocket/websocket_handler.py +107 -6
- crackerjack/models/README.md +308 -0
- crackerjack/models/__init__.py +10 -1
- crackerjack/models/config.py +639 -22
- crackerjack/models/config_adapter.py +6 -6
- crackerjack/models/protocols.py +1167 -23
- crackerjack/models/pydantic_models.py +320 -0
- crackerjack/models/qa_config.py +145 -0
- crackerjack/models/qa_results.py +134 -0
- crackerjack/models/results.py +35 -0
- crackerjack/models/semantic_models.py +258 -0
- crackerjack/models/task.py +19 -3
- crackerjack/models/test_models.py +60 -0
- crackerjack/monitoring/README.md +11 -0
- crackerjack/monitoring/ai_agent_watchdog.py +5 -4
- crackerjack/monitoring/metrics_collector.py +4 -3
- crackerjack/monitoring/regression_prevention.py +4 -3
- crackerjack/monitoring/websocket_server.py +4 -241
- crackerjack/orchestration/README.md +340 -0
- crackerjack/orchestration/__init__.py +43 -0
- crackerjack/orchestration/advanced_orchestrator.py +20 -67
- crackerjack/orchestration/cache/README.md +312 -0
- crackerjack/orchestration/cache/__init__.py +37 -0
- crackerjack/orchestration/cache/memory_cache.py +338 -0
- crackerjack/orchestration/cache/tool_proxy_cache.py +340 -0
- crackerjack/orchestration/config.py +297 -0
- crackerjack/orchestration/coverage_improvement.py +13 -6
- crackerjack/orchestration/execution_strategies.py +6 -6
- crackerjack/orchestration/hook_orchestrator.py +1398 -0
- crackerjack/orchestration/strategies/README.md +401 -0
- crackerjack/orchestration/strategies/__init__.py +39 -0
- crackerjack/orchestration/strategies/adaptive_strategy.py +630 -0
- crackerjack/orchestration/strategies/parallel_strategy.py +237 -0
- crackerjack/orchestration/strategies/sequential_strategy.py +299 -0
- crackerjack/orchestration/test_progress_streamer.py +1 -1
- crackerjack/plugins/README.md +11 -0
- crackerjack/plugins/hooks.py +3 -2
- crackerjack/plugins/loader.py +3 -3
- crackerjack/plugins/managers.py +1 -1
- crackerjack/py313.py +191 -0
- crackerjack/security/README.md +11 -0
- crackerjack/services/README.md +374 -0
- crackerjack/services/__init__.py +8 -21
- crackerjack/services/ai/README.md +295 -0
- crackerjack/services/ai/__init__.py +7 -0
- crackerjack/services/ai/advanced_optimizer.py +878 -0
- crackerjack/services/{contextual_ai_assistant.py → ai/contextual_ai_assistant.py} +5 -3
- crackerjack/services/ai/embeddings.py +444 -0
- crackerjack/services/ai/intelligent_commit.py +328 -0
- crackerjack/services/ai/predictive_analytics.py +510 -0
- crackerjack/services/api_extractor.py +5 -3
- crackerjack/services/bounded_status_operations.py +45 -5
- crackerjack/services/cache.py +249 -318
- crackerjack/services/changelog_automation.py +7 -3
- crackerjack/services/command_execution_service.py +305 -0
- crackerjack/services/config_integrity.py +83 -39
- crackerjack/services/config_merge.py +9 -6
- crackerjack/services/config_service.py +198 -0
- crackerjack/services/config_template.py +13 -26
- crackerjack/services/coverage_badge_service.py +6 -4
- crackerjack/services/coverage_ratchet.py +53 -27
- crackerjack/services/debug.py +18 -7
- crackerjack/services/dependency_analyzer.py +4 -4
- crackerjack/services/dependency_monitor.py +13 -13
- crackerjack/services/documentation_generator.py +4 -2
- crackerjack/services/documentation_service.py +62 -33
- crackerjack/services/enhanced_filesystem.py +81 -27
- crackerjack/services/enterprise_optimizer.py +1 -1
- crackerjack/services/error_pattern_analyzer.py +10 -10
- crackerjack/services/file_filter.py +221 -0
- crackerjack/services/file_hasher.py +5 -7
- crackerjack/services/file_io_service.py +361 -0
- crackerjack/services/file_modifier.py +615 -0
- crackerjack/services/filesystem.py +80 -109
- crackerjack/services/git.py +99 -5
- crackerjack/services/health_metrics.py +4 -6
- crackerjack/services/heatmap_generator.py +12 -3
- crackerjack/services/incremental_executor.py +380 -0
- crackerjack/services/initialization.py +101 -49
- crackerjack/services/log_manager.py +2 -2
- crackerjack/services/logging.py +120 -68
- crackerjack/services/lsp_client.py +12 -12
- crackerjack/services/memory_optimizer.py +27 -22
- crackerjack/services/monitoring/README.md +30 -0
- crackerjack/services/monitoring/__init__.py +9 -0
- crackerjack/services/monitoring/dependency_monitor.py +678 -0
- crackerjack/services/monitoring/error_pattern_analyzer.py +676 -0
- crackerjack/services/monitoring/health_metrics.py +716 -0
- crackerjack/services/monitoring/metrics.py +587 -0
- crackerjack/services/{performance_benchmarks.py → monitoring/performance_benchmarks.py} +100 -14
- crackerjack/services/{performance_cache.py → monitoring/performance_cache.py} +21 -15
- crackerjack/services/{performance_monitor.py → monitoring/performance_monitor.py} +10 -6
- crackerjack/services/parallel_executor.py +166 -55
- crackerjack/services/patterns/__init__.py +142 -0
- crackerjack/services/patterns/agents.py +107 -0
- crackerjack/services/patterns/code/__init__.py +15 -0
- crackerjack/services/patterns/code/detection.py +118 -0
- crackerjack/services/patterns/code/imports.py +107 -0
- crackerjack/services/patterns/code/paths.py +159 -0
- crackerjack/services/patterns/code/performance.py +119 -0
- crackerjack/services/patterns/code/replacement.py +36 -0
- crackerjack/services/patterns/core.py +212 -0
- crackerjack/services/patterns/documentation/__init__.py +14 -0
- crackerjack/services/patterns/documentation/badges_markdown.py +96 -0
- crackerjack/services/patterns/documentation/comments_blocks.py +83 -0
- crackerjack/services/patterns/documentation/docstrings.py +89 -0
- crackerjack/services/patterns/formatting.py +226 -0
- crackerjack/services/patterns/operations.py +339 -0
- crackerjack/services/patterns/security/__init__.py +23 -0
- crackerjack/services/patterns/security/code_injection.py +122 -0
- crackerjack/services/patterns/security/credentials.py +190 -0
- crackerjack/services/patterns/security/path_traversal.py +221 -0
- crackerjack/services/patterns/security/unsafe_operations.py +216 -0
- crackerjack/services/patterns/templates.py +62 -0
- crackerjack/services/patterns/testing/__init__.py +18 -0
- crackerjack/services/patterns/testing/error_patterns.py +107 -0
- crackerjack/services/patterns/testing/pytest_output.py +126 -0
- crackerjack/services/patterns/tool_output/__init__.py +16 -0
- crackerjack/services/patterns/tool_output/bandit.py +72 -0
- crackerjack/services/patterns/tool_output/other.py +97 -0
- crackerjack/services/patterns/tool_output/pyright.py +67 -0
- crackerjack/services/patterns/tool_output/ruff.py +44 -0
- crackerjack/services/patterns/url_sanitization.py +114 -0
- crackerjack/services/patterns/utilities.py +42 -0
- crackerjack/services/patterns/utils.py +339 -0
- crackerjack/services/patterns/validation.py +46 -0
- crackerjack/services/patterns/versioning.py +62 -0
- crackerjack/services/predictive_analytics.py +21 -8
- crackerjack/services/profiler.py +280 -0
- crackerjack/services/quality/README.md +415 -0
- crackerjack/services/quality/__init__.py +11 -0
- crackerjack/services/quality/anomaly_detector.py +392 -0
- crackerjack/services/quality/pattern_cache.py +333 -0
- crackerjack/services/quality/pattern_detector.py +479 -0
- crackerjack/services/quality/qa_orchestrator.py +491 -0
- crackerjack/services/{quality_baseline.py → quality/quality_baseline.py} +163 -2
- crackerjack/services/{quality_baseline_enhanced.py → quality/quality_baseline_enhanced.py} +4 -1
- crackerjack/services/{quality_intelligence.py → quality/quality_intelligence.py} +180 -16
- crackerjack/services/regex_patterns.py +58 -2987
- crackerjack/services/regex_utils.py +55 -29
- crackerjack/services/secure_status_formatter.py +42 -15
- crackerjack/services/secure_subprocess.py +35 -2
- crackerjack/services/security.py +16 -8
- crackerjack/services/server_manager.py +40 -51
- crackerjack/services/smart_scheduling.py +46 -6
- crackerjack/services/status_authentication.py +3 -3
- crackerjack/services/thread_safe_status_collector.py +1 -0
- crackerjack/services/tool_filter.py +368 -0
- crackerjack/services/tool_version_service.py +9 -5
- crackerjack/services/unified_config.py +43 -351
- crackerjack/services/vector_store.py +689 -0
- crackerjack/services/version_analyzer.py +6 -4
- crackerjack/services/version_checker.py +14 -8
- crackerjack/services/zuban_lsp_service.py +5 -4
- crackerjack/slash_commands/README.md +11 -0
- crackerjack/slash_commands/init.md +2 -12
- crackerjack/slash_commands/run.md +84 -50
- crackerjack/tools/README.md +11 -0
- crackerjack/tools/__init__.py +30 -0
- crackerjack/tools/_git_utils.py +105 -0
- crackerjack/tools/check_added_large_files.py +139 -0
- crackerjack/tools/check_ast.py +105 -0
- crackerjack/tools/check_json.py +103 -0
- crackerjack/tools/check_jsonschema.py +297 -0
- crackerjack/tools/check_toml.py +103 -0
- crackerjack/tools/check_yaml.py +110 -0
- crackerjack/tools/codespell_wrapper.py +72 -0
- crackerjack/tools/end_of_file_fixer.py +202 -0
- crackerjack/tools/format_json.py +128 -0
- crackerjack/tools/mdformat_wrapper.py +114 -0
- crackerjack/tools/trailing_whitespace.py +198 -0
- crackerjack/tools/validate_regex_patterns.py +7 -3
- crackerjack/ui/README.md +11 -0
- crackerjack/ui/dashboard_renderer.py +28 -0
- crackerjack/ui/templates/README.md +11 -0
- crackerjack/utils/console_utils.py +13 -0
- crackerjack/utils/dependency_guard.py +230 -0
- crackerjack/utils/retry_utils.py +275 -0
- crackerjack/workflows/README.md +590 -0
- crackerjack/workflows/__init__.py +46 -0
- crackerjack/workflows/actions.py +811 -0
- crackerjack/workflows/auto_fix.py +444 -0
- crackerjack/workflows/container_builder.py +499 -0
- crackerjack/workflows/definitions.py +443 -0
- crackerjack/workflows/engine.py +177 -0
- crackerjack/workflows/event_bridge.py +242 -0
- {crackerjack-0.37.9.dist-info → crackerjack-0.45.2.dist-info}/METADATA +678 -98
- crackerjack-0.45.2.dist-info/RECORD +478 -0
- {crackerjack-0.37.9.dist-info → crackerjack-0.45.2.dist-info}/WHEEL +1 -1
- crackerjack/managers/test_manager_backup.py +0 -1075
- crackerjack/mcp/tools/execution_tools_backup.py +0 -1011
- crackerjack/mixins/__init__.py +0 -3
- crackerjack/mixins/error_handling.py +0 -145
- crackerjack/services/config.py +0 -358
- crackerjack/ui/server_panels.py +0 -125
- crackerjack-0.37.9.dist-info/RECORD +0 -231
- /crackerjack/adapters/{rust_tool_adapter.py → lsp/_base.py} +0 -0
- /crackerjack/adapters/{lsp_client.py → lsp/_client.py} +0 -0
- {crackerjack-0.37.9.dist-info → crackerjack-0.45.2.dist-info}/entry_points.txt +0 -0
- {crackerjack-0.37.9.dist-info → crackerjack-0.45.2.dist-info}/licenses/LICENSE +0 -0
|
@@ -0,0 +1,122 @@
|
|
|
1
|
+
"""Code injection detection patterns for SQL, Python, and system commands.
|
|
2
|
+
|
|
3
|
+
This module contains patterns for detecting SQL injection, code evaluation
|
|
4
|
+
injection, dynamic code execution, and system command injection attacks.
|
|
5
|
+
"""
|
|
6
|
+
|
|
7
|
+
import re
|
|
8
|
+
|
|
9
|
+
from ..core import ValidatedPattern
|
|
10
|
+
|
|
11
|
+
PATTERNS: dict[str, ValidatedPattern] = {
|
|
12
|
+
"validate_code_compilation": ValidatedPattern(
|
|
13
|
+
name="validate_code_compilation",
|
|
14
|
+
pattern=r"\bcompile\s*\(|code\.compile",
|
|
15
|
+
replacement="[CODE_COMPILE]",
|
|
16
|
+
description="Detect code compilation patterns for injection",
|
|
17
|
+
global_replace=True,
|
|
18
|
+
test_cases=[
|
|
19
|
+
("compile(source)", "[CODE_COMPILE]source)"),
|
|
20
|
+
("code.compile(source)", "[CODE_COMPILE](source)"),
|
|
21
|
+
("compiled", "compiled"),
|
|
22
|
+
],
|
|
23
|
+
),
|
|
24
|
+
"validate_code_dynamic_access": ValidatedPattern(
|
|
25
|
+
name="validate_code_dynamic_access",
|
|
26
|
+
pattern=r"\b(__import__|getattr|setattr|delattr)\b",
|
|
27
|
+
replacement="[DYNAMIC_ACCESS]",
|
|
28
|
+
description="Detect dynamic attribute access patterns for code injection",
|
|
29
|
+
global_replace=True,
|
|
30
|
+
test_cases=[
|
|
31
|
+
("__import__", "[DYNAMIC_ACCESS]"),
|
|
32
|
+
("getattr(obj, name)", "[DYNAMIC_ACCESS](obj, name)"),
|
|
33
|
+
("setattr(obj, name)", "[DYNAMIC_ACCESS](obj, name)"),
|
|
34
|
+
("delattr(obj, name)", "[DYNAMIC_ACCESS](obj, name)"),
|
|
35
|
+
("mygetattr", "mygetattr"),
|
|
36
|
+
],
|
|
37
|
+
),
|
|
38
|
+
"validate_code_eval_injection": ValidatedPattern(
|
|
39
|
+
name="validate_code_eval_injection",
|
|
40
|
+
pattern=r"\b(eval|exec|execfile)\s*\(",
|
|
41
|
+
replacement="[CODE_EVAL](",
|
|
42
|
+
description="Detect Python code evaluation injection patterns",
|
|
43
|
+
global_replace=True,
|
|
44
|
+
test_cases=[
|
|
45
|
+
("eval(code)", "[CODE_EVAL](code)"),
|
|
46
|
+
("exec(command)", "[CODE_EVAL](command)"),
|
|
47
|
+
("execfile(script)", "[CODE_EVAL](script)"),
|
|
48
|
+
("evaluate()", "evaluate()"),
|
|
49
|
+
],
|
|
50
|
+
),
|
|
51
|
+
"validate_code_system_commands": ValidatedPattern(
|
|
52
|
+
name="validate_code_system_commands",
|
|
53
|
+
pattern=r"\b(subprocess|os\.system|os\.popen|commands\.)",
|
|
54
|
+
replacement="[SYSTEM_COMMAND]",
|
|
55
|
+
description="Detect system command execution patterns for code injection",
|
|
56
|
+
global_replace=True,
|
|
57
|
+
test_cases=[
|
|
58
|
+
("subprocess.run", "[SYSTEM_COMMAND].run"),
|
|
59
|
+
("os.system(cmd)", "[SYSTEM_COMMAND](cmd)"),
|
|
60
|
+
("os.popen(cmd)", "[SYSTEM_COMMAND](cmd)"),
|
|
61
|
+
("commands.getoutput", "[SYSTEM_COMMAND]getoutput"),
|
|
62
|
+
("mysubprocess", "mysubprocess"),
|
|
63
|
+
],
|
|
64
|
+
),
|
|
65
|
+
"validate_sql_boolean_injection": ValidatedPattern(
|
|
66
|
+
name="validate_sql_boolean_injection",
|
|
67
|
+
pattern=r"\b(or|and)\b.*=",
|
|
68
|
+
replacement="[BOOLEAN_INJECTION]",
|
|
69
|
+
flags=re.IGNORECASE,
|
|
70
|
+
description="Detect boolean-based SQL injection patterns (case insensitive)",
|
|
71
|
+
global_replace=True,
|
|
72
|
+
test_cases=[
|
|
73
|
+
("or 1=1", "[BOOLEAN_INJECTION]1"),
|
|
74
|
+
("AND password=", "[BOOLEAN_INJECTION]"),
|
|
75
|
+
("normal or text", "normal or text"),
|
|
76
|
+
("value=test", "value=test"),
|
|
77
|
+
],
|
|
78
|
+
),
|
|
79
|
+
"validate_sql_comment_patterns": ValidatedPattern(
|
|
80
|
+
name="validate_sql_comment_patterns",
|
|
81
|
+
pattern=r"(-{2,}|\/\*|\*\/)",
|
|
82
|
+
replacement="[SQL_COMMENT]",
|
|
83
|
+
description="Detect SQL comment patterns in input validation",
|
|
84
|
+
global_replace=True,
|
|
85
|
+
test_cases=[
|
|
86
|
+
("--comment", "[SQL_COMMENT]comment"),
|
|
87
|
+
("/* comment */", "[SQL_COMMENT] comment [SQL_COMMENT]"),
|
|
88
|
+
("normal-text", "normal-text"),
|
|
89
|
+
("---triple", "[SQL_COMMENT]triple"),
|
|
90
|
+
],
|
|
91
|
+
),
|
|
92
|
+
"validate_sql_injection_patterns": ValidatedPattern(
|
|
93
|
+
name="validate_sql_injection_patterns",
|
|
94
|
+
pattern=r"\b(union|select|insert|update|delete|drop|create|alter|"
|
|
95
|
+
r"exec|execute)\b",
|
|
96
|
+
replacement="[SQL_INJECTION]",
|
|
97
|
+
flags=re.IGNORECASE,
|
|
98
|
+
description="Detect SQL injection patterns in input validation "
|
|
99
|
+
"(case insensitive)",
|
|
100
|
+
global_replace=True,
|
|
101
|
+
test_cases=[
|
|
102
|
+
("UNION SELECT", "[SQL_INJECTION] [SQL_INJECTION]"),
|
|
103
|
+
("drop table", "[SQL_INJECTION] table"),
|
|
104
|
+
("normal text", "normal text"),
|
|
105
|
+
("exec command", "[SQL_INJECTION] command"),
|
|
106
|
+
("execute procedure", "[SQL_INJECTION] procedure"),
|
|
107
|
+
],
|
|
108
|
+
),
|
|
109
|
+
"validate_sql_server_specific": ValidatedPattern(
|
|
110
|
+
name="validate_sql_server_specific",
|
|
111
|
+
pattern=r"\b(xp_cmdshell|sp_executesql)\b",
|
|
112
|
+
replacement="[SQLSERVER_EXPLOIT]",
|
|
113
|
+
flags=re.IGNORECASE,
|
|
114
|
+
description="Detect SQL Server specific attack patterns (case insensitive)",
|
|
115
|
+
global_replace=True,
|
|
116
|
+
test_cases=[
|
|
117
|
+
("xp_cmdshell", "[SQLSERVER_EXPLOIT]"),
|
|
118
|
+
("SP_EXECUTESQL", "[SQLSERVER_EXPLOIT]"),
|
|
119
|
+
("normal text", "normal text"),
|
|
120
|
+
],
|
|
121
|
+
),
|
|
122
|
+
}
|
|
@@ -0,0 +1,190 @@
|
|
|
1
|
+
"""Credential and secret detection patterns for security validation.
|
|
2
|
+
|
|
3
|
+
This module contains patterns for detecting and masking hardcoded credentials,
|
|
4
|
+
secrets, tokens, and other sensitive authentication data in code.
|
|
5
|
+
"""
|
|
6
|
+
|
|
7
|
+
import re
|
|
8
|
+
|
|
9
|
+
from ..core import ValidatedPattern
|
|
10
|
+
|
|
11
|
+
PATTERNS: dict[str, ValidatedPattern] = {
|
|
12
|
+
"detect_hardcoded_credentials_advanced": ValidatedPattern(
|
|
13
|
+
name="detect_hardcoded_credentials_advanced",
|
|
14
|
+
pattern=r"(?i)\b(?:password|passwd|pwd|secret|key|token|api_key|"
|
|
15
|
+
r'apikey)\s*[:=]\s*["\'][^"\']{3,}["\']',
|
|
16
|
+
replacement="[HARDCODED_CREDENTIAL_DETECTED]",
|
|
17
|
+
description="Detect hardcoded credentials in various formats "
|
|
18
|
+
"(case insensitive)",
|
|
19
|
+
flags=re.IGNORECASE,
|
|
20
|
+
global_replace=True,
|
|
21
|
+
test_cases=[
|
|
22
|
+
('password="secret123"', "[HARDCODED_CREDENTIAL_DETECTED]"),
|
|
23
|
+
("API_KEY = 'abc-123-def'", "[HARDCODED_CREDENTIAL_DETECTED]"),
|
|
24
|
+
('token: "my-secret-token"', "[HARDCODED_CREDENTIAL_DETECTED]"),
|
|
25
|
+
(
|
|
26
|
+
'username = "user"',
|
|
27
|
+
'username = "user"',
|
|
28
|
+
),
|
|
29
|
+
],
|
|
30
|
+
),
|
|
31
|
+
"detect_hardcoded_secrets": ValidatedPattern(
|
|
32
|
+
name="detect_hardcoded_secrets",
|
|
33
|
+
pattern=r'\b\w*(password|secret|key|token)\w*\s*=\s*[\'"][^\'"]+[\'"]',
|
|
34
|
+
replacement="[SECRET_DETECTED]",
|
|
35
|
+
description="Detect hardcoded secrets in assignments (case insensitive)",
|
|
36
|
+
flags=re.IGNORECASE,
|
|
37
|
+
global_replace=True,
|
|
38
|
+
test_cases=[
|
|
39
|
+
('password = "secret123"', "[SECRET_DETECTED]"),
|
|
40
|
+
("api_key = 'abc123def'", "[SECRET_DETECTED]"),
|
|
41
|
+
('TOKEN = "my-token-here"', "[SECRET_DETECTED]"),
|
|
42
|
+
("username = 'user123'", "username = 'user123'"),
|
|
43
|
+
],
|
|
44
|
+
),
|
|
45
|
+
"fix_hardcoded_jwt_secret": ValidatedPattern(
|
|
46
|
+
name="fix_hardcoded_jwt_secret",
|
|
47
|
+
pattern=r'(JWT_SECRET|jwt_secret)\s*=\s*["\'][^"\']+["\']',
|
|
48
|
+
replacement=r'\1 = os.getenv("JWT_SECRET", "")',
|
|
49
|
+
description="Replace hardcoded JWT secrets with environment variables",
|
|
50
|
+
global_replace=True,
|
|
51
|
+
test_cases=[
|
|
52
|
+
(
|
|
53
|
+
'JWT_SECRET = "hardcoded-secret"',
|
|
54
|
+
'JWT_SECRET = os.getenv("JWT_SECRET", "")',
|
|
55
|
+
),
|
|
56
|
+
('jwt_secret = "my-secret"', 'jwt_secret = os.getenv("JWT_SECRET", "")'),
|
|
57
|
+
('other_var = "value"', 'other_var = "value"'),
|
|
58
|
+
],
|
|
59
|
+
),
|
|
60
|
+
"mask_generic_long_token": ValidatedPattern(
|
|
61
|
+
name="mask_generic_long_token",
|
|
62
|
+
pattern=r"\b[a-zA-Z0-9_-]{32,}\b",
|
|
63
|
+
replacement="****",
|
|
64
|
+
description="Mask generic long tokens (32+ chars, word boundaries to avoid"
|
|
65
|
+
" false positives)",
|
|
66
|
+
global_replace=True,
|
|
67
|
+
test_cases=[
|
|
68
|
+
("secret_key=abcdef1234567890abcdef1234567890abcdef", "secret_key=****"),
|
|
69
|
+
(
|
|
70
|
+
"Short token abc123def456",
|
|
71
|
+
"Short token abc123def456",
|
|
72
|
+
),
|
|
73
|
+
(
|
|
74
|
+
"File path "
|
|
75
|
+
"/very/long/path/that/should/not/be/masked/even/though/its/long",
|
|
76
|
+
"File path "
|
|
77
|
+
"/very/long/path/that/should/not/be/masked/even/though/its/long",
|
|
78
|
+
),
|
|
79
|
+
("API_KEY=verylongapikeyhere1234567890123456", "API_KEY=****"),
|
|
80
|
+
(
|
|
81
|
+
"Long-token_with-underscores_123456789012345678",
|
|
82
|
+
"****",
|
|
83
|
+
),
|
|
84
|
+
],
|
|
85
|
+
),
|
|
86
|
+
"mask_github_token": ValidatedPattern(
|
|
87
|
+
name="mask_github_token",
|
|
88
|
+
pattern=r"\bghp_[a-zA-Z0-9]{8,}\b", # Adjusted to support varying token lengths (at least 8 chars after ghp_)
|
|
89
|
+
replacement="ghp_****",
|
|
90
|
+
description="Mask GitHub personal access tokens (variable length after ghp_"
|
|
91
|
+
" with word boundaries)",
|
|
92
|
+
global_replace=True,
|
|
93
|
+
test_cases=[
|
|
94
|
+
("ghp_1234567890abcdef1234567890abcdef1234", "ghp_****"),
|
|
95
|
+
(
|
|
96
|
+
"GITHUB_TOKEN=ghp_1234567890abcdefghij", # Updated to support the test token format
|
|
97
|
+
"GITHUB_TOKEN=ghp_****",
|
|
98
|
+
),
|
|
99
|
+
("ghp_short", "ghp_short"),
|
|
100
|
+
(
|
|
101
|
+
"ghp_1234567890abcdef1234567890abcdef12345",
|
|
102
|
+
"ghp_****",
|
|
103
|
+
),
|
|
104
|
+
(
|
|
105
|
+
"Multiple ghp_1234567890abcdef1234567890abcdef1234 and"
|
|
106
|
+
" ghp_abcdef1234567890abcdef12345678901234",
|
|
107
|
+
"Multiple ghp_**** and ghp_****",
|
|
108
|
+
),
|
|
109
|
+
],
|
|
110
|
+
),
|
|
111
|
+
"mask_password_assignment": ValidatedPattern(
|
|
112
|
+
name="mask_password_assignment",
|
|
113
|
+
pattern=r"(?i)\b(password\s*[=: ]\s*)['\"]([^'\"]{8,})['\"]",
|
|
114
|
+
replacement=r"\1'****'",
|
|
115
|
+
description="Mask password assignments in various formats (case insensitive)",
|
|
116
|
+
global_replace=True,
|
|
117
|
+
test_cases=[
|
|
118
|
+
('password="secret123456"', "password='****'"),
|
|
119
|
+
("password='my_long_password'", "password='****'"),
|
|
120
|
+
('password: "another_secret_password"', "password: '****'"),
|
|
121
|
+
("password = 'spaced_password_assignment'", "password = '****'"),
|
|
122
|
+
('password="short"', 'password="short"'),
|
|
123
|
+
(
|
|
124
|
+
"not_password='should_not_be_masked'",
|
|
125
|
+
"not_password='should_not_be_masked'",
|
|
126
|
+
),
|
|
127
|
+
('PASSWORD="UPPERCASE_PASSWORD"', "PASSWORD='****'"),
|
|
128
|
+
],
|
|
129
|
+
),
|
|
130
|
+
"mask_pypi_token": ValidatedPattern(
|
|
131
|
+
name="mask_pypi_token",
|
|
132
|
+
pattern=r"\bpypi-[a-zA-Z0-9_-]{12,}\b",
|
|
133
|
+
replacement="pypi-****",
|
|
134
|
+
description="Mask PyPI authentication tokens (word boundaries to prevent"
|
|
135
|
+
" false matches)",
|
|
136
|
+
global_replace=True,
|
|
137
|
+
test_cases=[
|
|
138
|
+
("pypi-AgEIcHlwaS5vcmcCJGE4M2Y3ZjI", "pypi-****"),
|
|
139
|
+
(
|
|
140
|
+
"Using token: pypi-AgEIcHlwaS5vcmcCJGE4M2Y3ZjI for upload",
|
|
141
|
+
"Using token: pypi-**** for upload",
|
|
142
|
+
),
|
|
143
|
+
("pypi-short", "pypi-short"),
|
|
144
|
+
(
|
|
145
|
+
"not pypi-AgEIcHlwaS5vcmcCJGE4M2Y3ZjI",
|
|
146
|
+
"not pypi-****",
|
|
147
|
+
),
|
|
148
|
+
(
|
|
149
|
+
"Multiple pypi-token1234567890 and pypi-anothertokenhere",
|
|
150
|
+
"Multiple pypi-**** and pypi-****",
|
|
151
|
+
),
|
|
152
|
+
],
|
|
153
|
+
),
|
|
154
|
+
"mask_token_assignment": ValidatedPattern(
|
|
155
|
+
name="mask_token_assignment",
|
|
156
|
+
pattern=r"(?i)\b(token\s*[=: ]\s*)['\"]([^'\"]{8,})['\"]",
|
|
157
|
+
replacement=r"\1'****'",
|
|
158
|
+
description="Mask token assignments in various formats (case insensitive)",
|
|
159
|
+
global_replace=True,
|
|
160
|
+
test_cases=[
|
|
161
|
+
('token="abc123def456789"', "token='****'"),
|
|
162
|
+
("token='long_secret_token_here'", "token='****'"),
|
|
163
|
+
('token: "another_secret_token"', "token: '****'"),
|
|
164
|
+
("token = 'spaced_assignment_token'", "token = '****'"),
|
|
165
|
+
('token="short"', 'token="short"'),
|
|
166
|
+
(
|
|
167
|
+
"not_token='should_not_be_masked'",
|
|
168
|
+
"not_token='should_not_be_masked'",
|
|
169
|
+
),
|
|
170
|
+
('TOKEN="UPPERCASE_TOKEN_HERE"', "TOKEN='****'"),
|
|
171
|
+
],
|
|
172
|
+
),
|
|
173
|
+
"remove_debug_prints_with_secrets": ValidatedPattern(
|
|
174
|
+
name="remove_debug_prints_with_secrets",
|
|
175
|
+
pattern=r"print\s*\([^)]*(?: password|secret|key|token)[^)]*\)",
|
|
176
|
+
replacement="",
|
|
177
|
+
description="Remove debug print statements that contain sensitive information",
|
|
178
|
+
global_replace=True,
|
|
179
|
+
test_cases=[
|
|
180
|
+
('print("password: ", password)', ""),
|
|
181
|
+
("print(f'Token: {token}')", ""),
|
|
182
|
+
("print('Debug secret value')", ""),
|
|
183
|
+
(
|
|
184
|
+
"print('Normal debug message')",
|
|
185
|
+
"print('Normal debug message')",
|
|
186
|
+
),
|
|
187
|
+
('print("API key is", key)', ""),
|
|
188
|
+
],
|
|
189
|
+
),
|
|
190
|
+
}
|
|
@@ -0,0 +1,221 @@
|
|
|
1
|
+
"""Path traversal and directory access detection patterns.
|
|
2
|
+
|
|
3
|
+
This module contains patterns for detecting directory traversal attacks,
|
|
4
|
+
suspicious file path patterns, and unauthorized directory access attempts.
|
|
5
|
+
"""
|
|
6
|
+
|
|
7
|
+
from ..core import ValidatedPattern
|
|
8
|
+
|
|
9
|
+
PATTERNS: dict[str, ValidatedPattern] = {
|
|
10
|
+
"detect_directory_traversal_basic": ValidatedPattern(
|
|
11
|
+
name="detect_directory_traversal_basic",
|
|
12
|
+
pattern=r"\.\./",
|
|
13
|
+
replacement="[TRAVERSAL]",
|
|
14
|
+
description="Detect basic directory traversal patterns (../)",
|
|
15
|
+
global_replace=True,
|
|
16
|
+
test_cases=[
|
|
17
|
+
("../config.txt", "[TRAVERSAL]config.txt"),
|
|
18
|
+
("normal/path", "normal/path"),
|
|
19
|
+
("../../etc/passwd", "[TRAVERSAL][TRAVERSAL]etc/passwd"),
|
|
20
|
+
],
|
|
21
|
+
),
|
|
22
|
+
"detect_directory_traversal_backslash": ValidatedPattern(
|
|
23
|
+
name="detect_directory_traversal_backslash",
|
|
24
|
+
pattern=r"\.\.[/\\]",
|
|
25
|
+
replacement="[TRAVERSAL]",
|
|
26
|
+
description="Detect directory traversal with forward/back slashes",
|
|
27
|
+
global_replace=True,
|
|
28
|
+
test_cases=[
|
|
29
|
+
("..\\config.txt", "[TRAVERSAL]config.txt"),
|
|
30
|
+
("../config.txt", "[TRAVERSAL]config.txt"),
|
|
31
|
+
("normal/path", "normal/path"),
|
|
32
|
+
],
|
|
33
|
+
),
|
|
34
|
+
"detect_url_encoded_traversal": ValidatedPattern(
|
|
35
|
+
name="detect_url_encoded_traversal",
|
|
36
|
+
pattern=r"%2e%2e%2f",
|
|
37
|
+
replacement="[TRAVERSAL]",
|
|
38
|
+
description="Detect URL encoded directory traversal (%2e%2e%2f = ../)",
|
|
39
|
+
global_replace=True,
|
|
40
|
+
test_cases=[
|
|
41
|
+
("path/%2e%2e%2f/config", "path/[TRAVERSAL]/config"),
|
|
42
|
+
("normal/path", "normal/path"),
|
|
43
|
+
("%2e%2e%2fpasswd", "[TRAVERSAL]passwd"),
|
|
44
|
+
],
|
|
45
|
+
),
|
|
46
|
+
"detect_double_url_encoded_traversal": ValidatedPattern(
|
|
47
|
+
name="detect_double_url_encoded_traversal",
|
|
48
|
+
pattern=r"%252e%252e%252f",
|
|
49
|
+
replacement="[TRAVERSAL]",
|
|
50
|
+
description="Detect double URL encoded directory traversal",
|
|
51
|
+
global_replace=True,
|
|
52
|
+
test_cases=[
|
|
53
|
+
("path/%252e%252e%252f/config", "path/[TRAVERSAL]/config"),
|
|
54
|
+
("normal/path", "normal/path"),
|
|
55
|
+
],
|
|
56
|
+
),
|
|
57
|
+
"detect_null_bytes_url": ValidatedPattern(
|
|
58
|
+
name="detect_null_bytes_url",
|
|
59
|
+
pattern=r"%00",
|
|
60
|
+
replacement="[NULL]",
|
|
61
|
+
description="Detect URL encoded null bytes",
|
|
62
|
+
global_replace=True,
|
|
63
|
+
test_cases=[
|
|
64
|
+
("file.txt%00.jpg", "file.txt[NULL].jpg"),
|
|
65
|
+
("normal.txt", "normal.txt"),
|
|
66
|
+
],
|
|
67
|
+
),
|
|
68
|
+
"detect_null_bytes_literal": ValidatedPattern(
|
|
69
|
+
name="detect_null_bytes_literal",
|
|
70
|
+
pattern=r"\\x00",
|
|
71
|
+
replacement="[NULL]",
|
|
72
|
+
description="Detect literal null byte patterns",
|
|
73
|
+
global_replace=True,
|
|
74
|
+
test_cases=[
|
|
75
|
+
("file.txt\\x00", "file.txt[NULL]"),
|
|
76
|
+
("normal.txt", "normal.txt"),
|
|
77
|
+
],
|
|
78
|
+
),
|
|
79
|
+
"detect_utf8_overlong_null": ValidatedPattern(
|
|
80
|
+
name="detect_utf8_overlong_null",
|
|
81
|
+
pattern=r"%c0%80",
|
|
82
|
+
replacement="[NULL]",
|
|
83
|
+
description="Detect UTF-8 overlong null byte encoding",
|
|
84
|
+
global_replace=True,
|
|
85
|
+
test_cases=[
|
|
86
|
+
("file.txt%c0%80", "file.txt[NULL]"),
|
|
87
|
+
("normal.txt", "normal.txt"),
|
|
88
|
+
],
|
|
89
|
+
),
|
|
90
|
+
"detect_sys_directory_pattern": ValidatedPattern(
|
|
91
|
+
name="detect_sys_directory_pattern",
|
|
92
|
+
pattern=r"^/sys/?.*",
|
|
93
|
+
replacement="[DANGER]",
|
|
94
|
+
description="Detect access to /sys directory",
|
|
95
|
+
test_cases=[
|
|
96
|
+
("/sys/", "[DANGER]"),
|
|
97
|
+
("/sys/devices", "[DANGER]"),
|
|
98
|
+
("/usr/sys", "/usr/sys"),
|
|
99
|
+
],
|
|
100
|
+
),
|
|
101
|
+
"detect_proc_directory_pattern": ValidatedPattern(
|
|
102
|
+
name="detect_proc_directory_pattern",
|
|
103
|
+
pattern=r"^/proc/?.*",
|
|
104
|
+
replacement="[DANGER]",
|
|
105
|
+
description="Detect access to /proc directory",
|
|
106
|
+
test_cases=[
|
|
107
|
+
("/proc/", "[DANGER]"),
|
|
108
|
+
("/proc/self", "[DANGER]"),
|
|
109
|
+
("/usr/proc", "/usr/proc"),
|
|
110
|
+
],
|
|
111
|
+
),
|
|
112
|
+
"detect_etc_directory_pattern": ValidatedPattern(
|
|
113
|
+
name="detect_etc_directory_pattern",
|
|
114
|
+
pattern=r"^/etc/?.*",
|
|
115
|
+
replacement="[DANGER]",
|
|
116
|
+
description="Detect access to /etc directory",
|
|
117
|
+
test_cases=[
|
|
118
|
+
("/etc/", "[DANGER]"),
|
|
119
|
+
("/etc/passwd", "[DANGER]"),
|
|
120
|
+
("/usr/etc", "/usr/etc"),
|
|
121
|
+
],
|
|
122
|
+
),
|
|
123
|
+
"detect_boot_directory_pattern": ValidatedPattern(
|
|
124
|
+
name="detect_boot_directory_pattern",
|
|
125
|
+
pattern=r"^/boot/?.*",
|
|
126
|
+
replacement="[DANGER]",
|
|
127
|
+
description="Detect access to /boot directory",
|
|
128
|
+
test_cases=[
|
|
129
|
+
("/boot/", "[DANGER]"),
|
|
130
|
+
("/boot/grub", "[DANGER]"),
|
|
131
|
+
("/usr/boot", "/usr/boot"),
|
|
132
|
+
],
|
|
133
|
+
),
|
|
134
|
+
"detect_dev_directory_pattern": ValidatedPattern(
|
|
135
|
+
name="detect_dev_directory_pattern",
|
|
136
|
+
pattern=r"^/dev/?.*",
|
|
137
|
+
replacement="[DANGER]",
|
|
138
|
+
description="Detect access to /dev directory",
|
|
139
|
+
test_cases=[
|
|
140
|
+
("/dev/", "[DANGER]"),
|
|
141
|
+
("/dev/null", "[DANGER]"),
|
|
142
|
+
("/usr/dev", "/usr/dev"),
|
|
143
|
+
],
|
|
144
|
+
),
|
|
145
|
+
"detect_root_directory_pattern": ValidatedPattern(
|
|
146
|
+
name="detect_root_directory_pattern",
|
|
147
|
+
pattern=r"^/root/?.*",
|
|
148
|
+
replacement="[DANGER]",
|
|
149
|
+
description="Detect access to /root directory",
|
|
150
|
+
test_cases=[
|
|
151
|
+
("/root/", "[DANGER]"),
|
|
152
|
+
("/root/.ssh", "[DANGER]"),
|
|
153
|
+
("/usr/root", "/usr/root"),
|
|
154
|
+
],
|
|
155
|
+
),
|
|
156
|
+
"detect_var_log_directory_pattern": ValidatedPattern(
|
|
157
|
+
name="detect_var_log_directory_pattern",
|
|
158
|
+
pattern=r"^/var/log/?.*",
|
|
159
|
+
replacement="[DANGER]",
|
|
160
|
+
description="Detect access to /var/log directory",
|
|
161
|
+
test_cases=[
|
|
162
|
+
("/var/log/", "[DANGER]"),
|
|
163
|
+
("/var/log/messages", "[DANGER]"),
|
|
164
|
+
("/usr/var/log", "/usr/var/log"),
|
|
165
|
+
],
|
|
166
|
+
),
|
|
167
|
+
"detect_bin_directory_pattern": ValidatedPattern(
|
|
168
|
+
name="detect_bin_directory_pattern",
|
|
169
|
+
pattern=r"^/(usr/)?bin/?.*",
|
|
170
|
+
replacement="[DANGER]",
|
|
171
|
+
description="Detect access to /bin or /usr/bin directories",
|
|
172
|
+
test_cases=[
|
|
173
|
+
("/bin/", "[DANGER]"),
|
|
174
|
+
("/usr/bin/", "[DANGER]"),
|
|
175
|
+
("/usr/local/bin", "/usr/local/bin"),
|
|
176
|
+
],
|
|
177
|
+
),
|
|
178
|
+
"detect_sbin_directory_pattern": ValidatedPattern(
|
|
179
|
+
name="detect_sbin_directory_pattern",
|
|
180
|
+
pattern=r"^/(usr/)?sbin/?.*",
|
|
181
|
+
replacement="[DANGER]",
|
|
182
|
+
description="Detect access to /sbin or /usr/sbin directories",
|
|
183
|
+
test_cases=[
|
|
184
|
+
("/sbin/", "[DANGER]"),
|
|
185
|
+
("/usr/sbin/", "[DANGER]"),
|
|
186
|
+
("/usr/local/sbin", "/usr/local/sbin"),
|
|
187
|
+
],
|
|
188
|
+
),
|
|
189
|
+
"detect_parent_directory_in_path": ValidatedPattern(
|
|
190
|
+
name="detect_parent_directory_in_path",
|
|
191
|
+
pattern=r"\.\.",
|
|
192
|
+
replacement="[PARENT]",
|
|
193
|
+
description="Detect parent directory references anywhere in path",
|
|
194
|
+
global_replace=True,
|
|
195
|
+
test_cases=[
|
|
196
|
+
("../config", "[PARENT]/config"),
|
|
197
|
+
("safe/path", "safe/path"),
|
|
198
|
+
("path/../other", "path/[PARENT]/other"),
|
|
199
|
+
],
|
|
200
|
+
),
|
|
201
|
+
"detect_suspicious_temp_traversal": ValidatedPattern(
|
|
202
|
+
name="detect_suspicious_temp_traversal",
|
|
203
|
+
pattern=r"/tmp/.*\.\./", # nosec B108
|
|
204
|
+
replacement="[SUSPICIOUS]",
|
|
205
|
+
description="Detect traversal attempts in temp directories",
|
|
206
|
+
test_cases=[
|
|
207
|
+
("/tmp/safe/../etc/passwd", "[SUSPICIOUS]etc/passwd"), # nosec B108
|
|
208
|
+
("/tmp/normal/file.txt", "/tmp/normal/file.txt"), # nosec B108
|
|
209
|
+
],
|
|
210
|
+
),
|
|
211
|
+
"detect_suspicious_var_traversal": ValidatedPattern(
|
|
212
|
+
name="detect_suspicious_var_traversal",
|
|
213
|
+
pattern=r"/var/.*\.\./",
|
|
214
|
+
replacement="[SUSPICIOUS]",
|
|
215
|
+
description="Detect traversal attempts in var directories",
|
|
216
|
+
test_cases=[
|
|
217
|
+
("/var/lib/../etc/passwd", "[SUSPICIOUS]etc/passwd"),
|
|
218
|
+
("/var/lib/normal.txt", "/var/lib/normal.txt"),
|
|
219
|
+
],
|
|
220
|
+
),
|
|
221
|
+
}
|